Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Extensible DBI front-end

by TheoPetersen (Priest)
on Jul 17, 2001 at 21:35 UTC ( #97374=perlquestion: print w/ replies, xml ) Need Help??
TheoPetersen has asked for the wisdom of the Perl Monks concerning the following question:

I haven't been a big fan of DBI front-ends in the past; I particularly don't care for the ones that try to make an abstract interface around SQL, since I always seem to run into something the interface doesn't handle. But I do appreciate centralized logging and debugging facilities and other such features.

Today I needed to add HTML screening to one of our sites, which uses a home-brewed wrapper around DBI for inserts and updates. That was fortunate, since I could go into the two methods and call escape_html on each value being passed to DBI's execute method. Neat and simple, but it got me wondering.

It seems like other sites and tools would benefit from having a front-end that prepares data before DBI writes it -- maybe you only want to screen some HTML tags, or check for naughty words or what ever. I went looking around for such a beast, but couldn't find one, nor could I see an easy way to put a hook for such into the DBI code (though I didn't look very hard).

I checked a few modules on CPAN that seemed likely contenders; DBIx::Abstract has most of the other features of our home-brew, and would be as easily modified to handle this, but doesn't have a quote/escape hook.

So, anyone know of a good module for doing this, an easy way to hook the code into DBI, or a better solution?

Comment on Extensible DBI front-end
Replies are listed 'Best First'.
Re: Extensible DBI front-end
by Masem (Monsignor) on Jul 17, 2001 at 22:13 UTC
    Possibly overlooked, but easily plugged in (though non-module) is the approach the the Everything engine does. You can find it in their code, the upshot being that besides the conversion of the typical HTML symbols to the &###; variety, it also limits what HTML tags you can accept in an HTML field (including none), as well as the ability to limit what attributes in those tags are accepted.

    Mind you, I yet to see of a good DBI frontend that does any other preparsing beyond that of meta-quoting.


    Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://97374]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (5)
As of 2015-07-29 01:23 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (260 votes), past polls